Open Source Data Collection Tool RudderStack Found to Collect Passwords
2025-02-01

The open-source data collection tool RudderStack has been found to have a serious security vulnerability that, under certain circumstances, collects user passwords. The vulnerability stems from its autotrack feature, which records every DOM attribute of any element a user clicks on; those attributes can include sensitive values such as passwords. This mirrors a similar vulnerability found in Mixpanel two years ago. RudderStack has partially patched the issue, but the fix is incomplete and some risk remains. Users are advised to proceed with caution and monitor for updates.
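The capture path described above, as an added example that is not RudderStack's code: a naive click collector that serializes every attribute of the clicked element, beside a hardened collector that refuses secret-bearing fields and allow-lists structural attributes only. It assumes a constructed plain-object stand-in for DOM elements and a password field whose typed value has been mirrored into its `value` attribute, as some frameworks do.

```javascript
// Constructed stand-in for a DOM element: tag name plus its attribute map.
// Real autotrack code would read el.attributes from the browser DOM instead.
function makeElement(tagName, attributes) {
  return { tagName: tagName.toUpperCase(), attributes: { ...attributes } };
}

// Naive autotrack: ship every attribute of the clicked element as event
// properties. If the app mirrored the typed password into `value`, it leaks.
function collectAllAttributes(el) {
  return { tag: el.tagName, ...el.attributes };
}

// Input types and autocomplete tokens that identify secret-bearing fields.
const SENSITIVE_INPUT_TYPES = new Set(["password", "hidden", "email", "tel"]);
const SENSITIVE_AUTOCOMPLETE = new Set([
  "current-password", "new-password", "one-time-code", "cc-number", "cc-csc",
]);
// Structural attributes that are safe to record; everything else is dropped,
// so user-supplied content (value, placeholder, data-*) never leaves the page.
const ALLOWED_ATTRIBUTES = new Set(["id", "class", "name", "type", "role", "href"]);

// Hardened autotrack: refuse sensitive fields outright, allow-list the rest.
function collectSafeAttributes(el) {
  const attrs = el.attributes;
  const type = String(attrs.type || "text").toLowerCase();
  const autocomplete = String(attrs.autocomplete || "").toLowerCase();
  const isSecretField =
    (el.tagName === "INPUT" && SENSITIVE_INPUT_TYPES.has(type)) ||
    SENSITIVE_AUTOCOMPLETE.has(autocomplete);
  if (isSecretField) {
    // Record only that a sensitive field was clicked, nothing about its content.
    return { tag: el.tagName, type, redacted: true };
  }
  const out = { tag: el.tagName };
  for (const [name, value] of Object.entries(attrs)) {
    if (ALLOWED_ATTRIBUTES.has(name)) out[name] = value;
  }
  return out;
}

// Audit helper: does a captured event payload contain a known secret string?
// Useful for testing an analytics integration against a canary credential.
function payloadLeaks(payload, secret) {
  return Object.values(payload).some((v) => String(v).includes(secret));
}

// Constructed sample: a login form's password field with the typed value
// mirrored into the attribute, and an ordinary submit button.
const passwordField = makeElement("input", {
  id: "pw", type: "password", name: "password",
  autocomplete: "current-password", value: "canary-secret-123",
});
const submitButton = makeElement("button", { id: "login", class: "btn", type: "submit" });
```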